var map = require('../common').Mapping;
var logger = require('../common').logger;

/**
 *  true means accessible, false means not, unlisted means login-accessible
 * */
var acl = {
    guest: {
        '/': true,
        '/index': true,
        '/login': true
    },
    manager: {
        '/project/add': false,
        '/plan/add': false,
        '/plan/edit': false,
        '/member/save': false,
        '/member/multiAdd': false,
        '/member/delete': false,
        '/team/update': false,
        '/team/update/leader': false,
        '/team/add': false,
        '/team/addMember': false,
        '/team/delete': false
    },
    admin: {
        '/plan/input':false
    },
    member: {
        '/project/add': false,
        '/plan/add': false,
        '/plan/edit': false,
        '/plan/input': false,
        '/member/save': false,
        '/member/multiAdd': false,
        '/member/delete': false,
        '/team/update': false,
        '/team/update/leader': false,
        '/team/add': false,
        '/team/addMember': false,
        '/team/delete': false,
        '/plan/detail/add': false
    },
    intern: {
        '/project/add': false,
        '/plan/add': false,
        '/plan/edit': false,
        '/member/save': false,
        '/member/multiAdd': false,
        '/member/delete': false,
        '/team/update': false,
        '/team/update/leader': false,
        '/team/add': false,
        '/team/addMember': false,
        '/team/delete': false,
        '/plan/detail/add': false
    }
};

module.exports = function (app) {
    app.use(function (req, res, next) {
        var origin = req.url.substring(0, 5);
        if (origin == '/lib/' || origin == '/css/') {
            next();
            return;
        }
        var role, url = req.url.split("?")[0];
        url = url.split("#")[0];
        logger.debug('HTTP Request Start : ' + req.url);

        if (!req.session.uid && req.cookies && req.cookies.remember) {
            var buffer = new Buffer(req.cookies.remember, 'base64');
            var uid = buffer.toString().split(":")[0];
            if (map.userName[uid]) {
                req.session.uid = uid;
                logger.info("User Remembered Login: " + map.userName[uid]);
            }
        }

        req.session.uid && (role = map.userRole[req.session.uid]);
        !role && (role = 'guest');
        if (url in acl[role]) {
            if (acl[role][url]) {
                logger.info('Passport : Access Correctly');
                next();
            } else {
                logger.info('Passport : No Authority');
                if (req.method === 'GET') {
                    res.render('errorTpl', {code: 401, description: map.error[401]});
                } else {
                    res.send({error: 401, description: map.error[401]});
                }

            }
        } else {
            if (role == 'guest') {
                logger.info('Passport : Not Login');
                if (req.method === 'GET') {
                    res.render('errorTpl', {code: 402, description: map.error[402]});
                } else {
                    res.send({error: 402, description: map.error[402]});
                }
            } else {
                logger.info('Passport : Public URL for Role : ' + role);
                next();
            }
        }
    });
};
